Identity Verification Check Failing in Android

[gboyegadada]

Hi, I am getting this error in the Logcat:

E/Intercom: Failed to register or update user: {"type":"error.list","request_id":"001ligk1dqc048api22g","errors":[{"code":"hmac_mismatch","message":"Failed Identity Verification check"}]}

As well as this in my app:

Steps taken:

I generate the hmac user hash on the server side (PHP using Symfony framework) as in the Intercom documentation:

hash_hmac('sha256', $intercom_external_user_id, $intercom_secret_key);

In my mobile app, I set the user hash:

// note: I have also tried registering identified user before the hash and vice versa

await Intercom.setUserHash(profile.intercom_hash) // hash_received_from_backend
await Intercom.registerIdentifiedUser({ userId: profile.username }) // intercom_external_user_id_from_backend

I also checked to make sure the setUserHash is called in the android part of the library and it does call Intercom.client().setUserHash(userHash) with the hash that I pass from react but the verification always fails.

We originally had a native android app and verification was fine but I am unable to verify in react native.

Please help !

[gboyegadada]

I finally found out that a separate identity key was being used in our original android app. I think that is related to this part of the documentation:

Your app server authentication code needs to be modified so that is uses the Intercom Android API Secret to create a HMAC digest (hash based message authentication code) from the user id or email address for that user. Then it returns the HMAC digest to your Android app. Note that identity verification does not apply to unidentified users, for whom you do not have a user id or email address.

[1awaleed]

Hello @gboyegadada Can you please expand more on how you got to set a user hash to the logged in user? I cannot find any specific documentation here? & is it possible to generate the hash on the client side not the server side?